如何在 Azure AD B2C 中创建仅电子邮件页面?
[英]How to create an email only page in Azure AD B2C?
问题描述
I would like to have a page in front of my sign in page where there is only an email address field and a button.
我希望在我的登录页面前面有一个页面,其中只有一个电子邮件地址字段和一个按钮。 Once the user clicks the button, they go to another page where they can enter their username and password and sign in. Is this possible in B2C?一旦用户单击按钮,他们就会转到另一个页面,在那里他们可以输入他们的用户名和密码并登录。这在 B2C 中可行吗?
Email only page:仅电子邮件页面:
Sign In Page:登录页面:
Step 1. In the TrustFrameworkBase.xml file, add an input restriction to the signInName claim type, so that only an e-mail address can be entered on the first page.步骤 1. 在 TrustFrameworkBase.xml 文件中,向 signInName 声明类型添加输入限制,以便在第一页上只能输入电子邮件地址。
<!-- Claims needed for local accounts. -->
<!--<ClaimType Id="signInName">
<DisplayName>Sign in name</DisplayName>
<DisplayName>Email address</DisplayName>
<DataType>string</DataType>
<UserHelpText />
<UserInputType>TextBox</UserInputType>
</ClaimType>-->
<ClaimType Id="signInName">
<DisplayName>Email address</DisplayName>
<DataType>string</DataType>
<UserHelpText/>
<UserInputType>TextBox</UserInputType>
<Restriction>
<Pattern RegularExpression="^[a-zA-Z0-9.!#$%&'^_`{}~-]+@[a-zA-Z0-9-]+(?:\.[a-zA-Z0-9-]+)*$" HelpText="Please enter a valid email address." />
</Restriction>
</ClaimType>
Step 2. In the TrustFrameworkBase.xml file, add another technical profile to the Local Account claims provider, which prompts for the e-mail address.步骤 2. 在 TrustFrameworkBase.xml 文件中,将另一个技术配置文件添加到本地帐户声明提供程序,提示输入电子邮件地址。
<ClaimsProvider>
<DisplayName>Local Account</DisplayName>
<TechnicalProfiles>
<TechnicalProfile Id="SelfAsserted-LocalAccountSignin-EmailOnly">
<DisplayName>Local Account Signin</DisplayName>
<Protocol Name="Proprietary" Handler="Web.TPEngine.Providers.SelfAssertedAttributeProvider, Web.TPEngine, Version=1.0.0.0, Culture=neutral, PublicKeyToken=null" />
<Metadata>
<Item Key="ContentDefinitionReferenceId">api.selfasserted</Item>
</Metadata>
<IncludeInSso>false</IncludeInSso>
<OutputClaims>
<OutputClaim ClaimTypeReferenceId="signInName" Required="true" />
</OutputClaims>
<UseTechnicalProfileForSessionManagement ReferenceId="SM-AAD" />
</TechnicalProfile>
<TechnicalProfile Id="LocalAccountSignUpWithLogonEmail">
...
Step 3. In the TrustFrameworkBase.xml file, add SelfAsserted-LocalAccountSignin-EmailOnly to the SignUpOrSignIn user journey as the first orchestration step.步骤 3. 在 TrustFrameworkBase.xml 文件中,将 SelfAsserted-LocalAccountSignin-EmailOnly 添加到 SignUpOrSignIn 用户旅程作为编排的第一步。
<UserJourneys>
<UserJourney Id="SignUpOrSignIn">
<OrchestrationSteps>
<OrchestrationStep Order="1" Type="ClaimsExchange">
<ClaimsExchanges>
<ClaimsExchange Id="LocalAccountSigninEmailOnlyExchange" TechnicalProfileReferenceId="SelfAsserted-LocalAccountSignin-EmailOnly" />
</ClaimsExchanges>
</OrchestrationStep>
<OrchestrationStep Order="2" Type="CombinedSignInAndSignUp" ContentDefinitionReferenceId="api.signuporsignin">
<ClaimsProviderSelections>
<ClaimsProviderSelection TargetClaimsExchangeId="FacebookExchange" />
<ClaimsProviderSelection ValidationClaimsExchangeId="LocalAccountSigninEmailExchange" />
</ClaimsProviderSelections>
<ClaimsExchanges>
<ClaimsExchange Id="LocalAccountSigninEmailExchange" TechnicalProfileReferenceId="SelfAsserted-LocalAccountSignin-Email" />
</ClaimsExchanges>
</OrchestrationStep>
I still get prompted for a password (CSS is hiding the field):我仍然被提示输入密码(CSS 隐藏了该字段):
1 个解决方案
解决方案1
1 已采纳 2020-10-02 07:58:38
A custom policy can be implemented for this "paginated" sign-in using the LocalAccounts starter pack as follows.可以使用LocalAccounts 入门包为这个“分页”登录实现自定义策略,如下所示。
- In the TrustFrameworkBase.xml file , add an input restriction to the signInName claim type , so that only an e-mail address can be entered on the first page.在TrustFrameworkBase.xml文件中,向signInName声明类型添加输入限制,以便在第一页上只能输入电子邮件地址。
<ClaimType Id="signInName">
<DisplayName>Email address</DisplayName>
<DataType>string</DataType>
<UserHelpText/>
<UserInputType>TextBox</UserInputType>
<Restriction>
<Pattern RegularExpression="^[a-zA-Z0-9.!#$%&'^_`{}~-]+@[a-zA-Z0-9-]+(?:\.[a-zA-Z0-9-]+)*$" HelpText="Please enter a valid email address." />
</Restriction>
</ClaimType>
- In the TrustFrameworkBase.xml file, add another technical profile to the Local Account claims provider , which prompts for the e-mail address.在TrustFrameworkBase.xml文件中,将另一个技术配置文件添加到本地帐户声明提供程序,它会提示输入电子邮件地址。
<TechnicalProfile Id="SelfAsserted-LocalAccountSignin-EmailOnly">
<DisplayName>Local Account Signin</DisplayName>
<Protocol Name="Proprietary" Handler="Web.TPEngine.Providers.SelfAssertedAttributeProvider, Web.TPEngine, Version=1.0.0.0, Culture=neutral, PublicKeyToken=null" />
<Metadata>
<Item Key="ContentDefinitionReferenceId">api.selfasserted</Item>
</Metadata>
<IncludeInSso>false</IncludeInSso>
<OutputClaims>
<OutputClaim ClaimTypeReferenceId="signInName" Required="true" />
</OutputClaims>
<UseTechnicalProfileForSessionManagement ReferenceId="SM-AAD" />
</TechnicalProfile>
- In the TrustFrameworkBase.xml file, add SelfAsserted-LocalAccountSignin-EmailOnly to the SignUpOrSignIn user journey as the first orchestration step.在TrustFrameworkBase.xml文件中,将SelfAsserted-LocalAccountSignin-EmailOnly添加到SignUpOrSignIn用户旅程作为编排的第一步。
<UserJourney Id="SignUpOrSignIn">
<OrchestrationSteps>
<OrchestrationStep Order="1" Type="ClaimsExchange">
<ClaimsExchanges>
<ClaimsExchange Id="LocalAccountSigninEmailOnlyExchange" TechnicalProfileReferenceId="SelfAsserted-LocalAccountSignin-EmailOnly" />
</ClaimsExchanges>
</OrchestrationStep>
<OrchestrationStep Order="2" Type="CombinedSignInAndSignUp" ContentDefinitionReferenceId="api.signuporsignin">
<ClaimsProviderSelections>
<ClaimsProviderSelection ValidationClaimsExchangeId="LocalAccountSigninEmailExchange" />
</ClaimsProviderSelections>
<ClaimsExchanges>
<ClaimsExchange Id="LocalAccountSigninEmailExchange" TechnicalProfileReferenceId="SelfAsserted-LocalAccountSignin-Email" />
</ClaimsExchanges>
</OrchestrationStep>
...
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.